5093 matches found
CVE-2020-18684
Floodlight through 1.2 has an integer overflow in checkFlow in StaticFlowEntryPusherResource.java via priority or port number...
Floodlight Input Validation Error Vulnerability
Floodlight is an open source OpenFlow controller. Floodlight is vulnerable to an integer overflow vulnerability, which stems from the software having an integer overflow in the checkFlow of StaticFlowEntryPusherResource.java via priority or port number. No detailed vulnerability details are...
Cross-Site Request Forgery (CSRF) in firefly-iii/firefly-iii
Description: Hello dear firefly-iii team, I found some CSRFs with low priority in firefly-iii...
[SECURITY] Fedora 34 Update: condor-8.8.15-1.fc34
HTCondor is a workload management system for high-throughput and high-performance jobs. Like other full-featured batch systems, HTCondor provides a job queuing mechanism, scheduling policy, priority scheme, resource monitoring, and resource management. Users submit their serial or parallel jobs t...
Unchecked transfers found in 3 contracts
Handle: maplesyrup. Vulnerability details. Impact: This is a high priority vulnerability because it definitely affects the way that funds are transferred and sent between the contracts. You want to make sure that you check the boolean value from these transfer functions in order to make sure that the...
WAF-A-MoLE - A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller et al. Given an input SQL injection query, it tries to produce a semantic invariant query that is able to bypass the target WAF. You can use this tool for assessin...
Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online
A security vulnerability in Cisco Adaptive Security Appliance (ASA) that was addressed by the company last October, and again earlier this April, has been subjected to active in-the-wild attacks following the release of proof-of-concept (PoC) exploit code. The PoC was published by researchers from...
The vulnerability of the Python Priority Library, related to resource management errors, allows a hacker to cause a service failure.
The vulnerability of the Python Priority Library is related to resource management errors. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...
kernel: Use after free via PI futex state
A flaw was found in the Linux kernel. A use-after-free memory flaw in the Fast Userspace Mutexes functionality allows a local user to crash the system or escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as syste...
The vulnerability of Linux operating system’s kernel-based PI futex components, which allows a hacker to execute arbitrary code at the kernel level
The vulnerability of Linux operating system’s kernel PI futexes relates to the use of memory after it is freed. Exploiting this vulnerability allows an attacker to execute arbitrary code at the kernel level...
PT-2024-11102 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.12.0-rc8+. Description: The issue arises when booting a kernel with "irqchip.gicv3_pseudo_nmi=1" on the command line, causing a warning during kernel entry due to the manipulation of the PMR. The lockdep hardir...
Priority Software Priority Enterprise Management System Cross-Site Scripting Vulnerability
Priority Software Priority Enterprise Management System is an application from Priority Software, Inc., an intelligent ERP platform for managing organizations in the cloud. A cross-site scripting vulnerability exists in Priority Enterprise Management System version v8.00, which originates from the...
CVE-2021-26832
Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site...
Cross site scripting
Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site...
CVE-2021-26832
CVE-2021-26832 describes a cross-site scripting (XSS) vulnerability in Priority Enterprise Management System v8.00, originating from the Reset Password page form. The available references indicate that an attacker can cause a victim’s browser to execute JavaScript by delivering a malicious URL or...
Priority Software Priority Enterprise Management System Cross-Site Scripting Vulnerability
Priority Software Priority Enterprise Management System is an application from Priority Software, Inc., an intelligent ERP platform for managing organizations in the cloud. A cross-site scripting vulnerability exists in Priority Enterprise Management System version v8.00, which originates from the...
Who has the fastest F1 website in 2021? Part 2
Ohhh, you've come back for more? Excellent. I was worried it was just going to be me sat here, typing to myself. This is part 2 in a multi-part series looking at the loading performance of F1 websites. Not interested in F1? It shouldn't matter. This is just a performance review of 10...